As a keystroke injection attack tool capable of mimicking both a USB keyboard and mass storage, the USB Rubber Ducky excels at autonomously exfiltrating documents – or what we like to call performing an involuntary backup. In this article I will briefly outline the steps necessary to turn your USB Rubber Ducky into a document exfiltration machine, as described on Hak5 episodes 2112, 2113 and 2114.

In this tutorial we’ll be setting up a Reverse Shell payload on the USB Rubber Ducky that’ll execute in just 3 seconds.

A reverse shell is a type of shell where the victim computer calls back to an attacker’s computer. The attacking computer typically listens on a specific port. When it receives the connection it is then able to execute commands on the victim computer. In essence it’s remote control of a computer.

Can you social engineer your target into plugging in a USB drive? How about distracting ’em for the briefest of moments? 15 seconds of physical access and a USB Rubber Ducky is all it takes to swipe passwords from an unattended PC.

In honor of the USB Rubber Ducky appearance on a recent episode of Mr Robot, we’re recreating this hollywood hack and showing how easy it is to deploy malware and exfiltrate data using this Hak5 tool.